We prepared these hot topics crucial for you just in November 2023 due to the unique BeNeLux cyber landscape including: highly interconnected supply chains, dependance on third party vendors, and the region’s high adoption of multi-cloud which is  the next frontier. All these raise the need for a new cloud security operations model and the need for safeguarding your IoT ecosystems.

In addition,  increased cyber threats during the holiday season impose development of a strong cybersecurity workforce,  with you as a leader of building cyber resilience.

That is why you must stay updated on the latest trends to effectively protect your leadership position and your organization.

Agenda November 2023

Supported by

08:00

Registration

08:30

Seated Working Roundtable Breakfast

09:00

• Are you aware of all the risks posed by third-party vendors to your organisation’s cyber security?

Dr Martijn Dekker

Global Chief Information Security Officer,
ABN AMRO Bank N.V.

09:25

Cyberthreats continue to grow and cybercriminals are getting more sophisticated. Hence, every user of an organisation, regardless of insiders or outsiders, must be authenticated and authorised. In order to help prevent cyberattacks, one must implement zero trust security effectively.

  • What are the fundamental principles of zero trust?
  • Continuous verification and authentication of devices as no device is out of the suspect list.
  • There are so many aspects of the implementation of Zero Trust, e.g: MFA, Data encryption, comprehensive security assessment etc, what works best for your organisation?

Arseny Kapralov

Head of Operational Security,
Mollie

Tiago Teles

Head of Data Insights and Issue Management
ABN AMRO Bank

Davide Davolio

Western and Southern Europe Security Specialist,
Uber

Nicole van der Meulen

Cyber Security Expert and Former Head of Policy & Development at European Cybercrime Centre in
Europol

10:00

Deepfakes are here, and they are here to stay. And with technology ever advancing, it is no longer a matter of simply knowing what a deepfake is. Organizations need to actively decide how they can utilize them to grow their business, and at the same time defend against the malicious use of this technology. In this session, we’ll look at the evolving role of deepfakes in our lives. We’ll talk about real-world examples, you’ll learn what makes them so special, and how you can protect against deepfakes in general. 

Jelle Wieringa

Security Awareness Advocate,
KnowBe4

10:20

Coffee break & 1-1 meetings

10:50

  • Establishing the need for an identity-driven, consolidated security architecture. 

  • Fine-tuning your SIEM as the best threat detection and response system. 

  • Security and risk posture management: Assessing and mitigating the risks of the prime target, AD right. 

  • Enforcing your organization’s security through CASB. 

Harish Sekar

Senior Technical Evangelist,
ManageEngine

11:15

  • Initiatives to create a strong and highly skilled workforce capable of confronting emerging cyber threats, as described in the European Cybersecurity Skills Framework.
  • Learn about the knowledge, abilities, and skills needed for diverse cybersecurity tasks as well as how the framework may assist organizations in identifying and developing these talents within their workforce.
  • Collaboration between business, academia, and government organizations is essential to fostering innovation and knowledge exchange in the field of cybersecurity and guaranteeing a robust and integrated ecosystem.

Christina Skouloudi

Cyber Security Officer,
Enisa

11:40

Enhancing CyberSecurity Practices
Exploration of effective approaches to strengthen cybersecurity, incident response, and organisational resilience.

Minimizing Attack Surface
We will discover techniques to reduce the vulnerability of systems and networks through proactive vulnerability management and secure configurations.

Countering Advanced Threats
Latest trends and tactics used by cybercriminals, and advanced detection and response techniques for proactive threat mitigation.

Victoria van Roosmalen

CISO & DPO,
Coosto

Antanas Kedys

CISO,
Nexpay

Lorena Carthy-Willmot

Digital Forensics & Cyber Security,
East Police District Norway

dr. Swantje Westpfahl

Director (CEO),
Institute for Security and Safety

12:10

No CISO is an island. We are the cyber-SWAT team that CISOs bring into the organization to solve a difficult or urgent problem or improve overall security. 

We help you rethink any dysfunctional or immature processes, implement, and manage new capabilities, and perform periodic security testing. 

Stop by our table to spar about your challenges and learn more about our capabilities. 

Mario Procopio

Founder and Managing Director
Pro CISO®

Naomi Levi

Cybersecurity Director
Pro CISO®

12:15

Lunch Break & 1-1 Meetings

13:10

Are you ready for the cloud? Most companies are on the path of digital transformation using the cloud to drive innovation! What about risk, exposure, and vulnerabilities when you adopt these new ways to compose services and applications? In this presentation, we give you a view of the art of possibilities with some actionable tips and tricks around the new cloud security operation model! 

Objectives
1- Get an understanding of what risk means in the cloud.
2- Learn how the new cloud security model works.
3- You will get insights into the art of the possible in contextual cloud security

Frans van Ierland

Cloud Security Craftsman,
Wiz

13:35

SCADA Attacks
Uncover vulnerabilities within IoT and SCADA systems and learn strategies to enhance their security.

Strengthening OT Security
Security of operational technology (OT) within IoT environments, safeguarding critical operational infrastructure and connected devices

Shadow IT Impact on OT
Addressing the risks of unauthorized devices and applications in OT environment

Lyzia van Iterson

Information Security Manager,
LKQ Europe

Roelof Kroon

Corporate Information Security Officer,
Alfen

Patrick Ghion

Head Regional Cyber Competence Centres,
Western Switzerland (RC3) at State of Geneve

Trish McGill

Executive Subject Matter Expert – Cyber Security IT/OT

14:10

Securing the world is a tough challenge and it’s only getting harder as the global threat landscape is perpetually evolving, with new threats and capabilities filling the niche of those that preceded them. In this session, we will take a look at how the capabilities of GenAI can help facing this challenge a little bit easier. We’ll cover the latest key trends in cybersecurity, GenAI, and Cloud Security, and how these can help organizations contribute to a safer, more secure world, one (GenAI) step at a time.

Arno van de Velde

Principal Solutions Architect,
Elastic

14:30

Coffee Break & 1-1 meetings

15:00

The world changes at a very rapid pace. The walls that once were related to creating secret and maintaining it as such are falling. Organizations are in the need of going beyond just privacy, encryption or tokenization and embrace the whole journey enabled by information discovery, data lineage, observability, governance, risk reduction,… so that data protection sits at the core of every industry, market and geography. At the end of day, it is the ultimate goal of any company on the planet: Protect and Defend. By attending this session attendees will experience real-world use cases about Information Protection and how different industries have adapted and adopted processes, procedures and technology to amplify their reach in Data Protection. This is what is required. To go beyond security. To further comprehend protection as a whole. Protection beyond Security.

Ramsés Gallego

Opentext Cybersecurity

15:25

We’re transforming into cloud-native architecture. There’s no doubt about that.

Containers and software-defined infrastructure raise their own security challenges.

But how is this different than legacy tech-stacks from the perspective of the attacker?

We get endless numbers of CVE alerts regarging our infra and apps to the point that we can’t see the forrest from the trees. 

Given a predictable, uniform and explicable way of validating attack vectors and triaging the remediation, 

We could zoom in better on the most imminent threats.

This talk will cover how we can dynamically test cloud-native environments. 

What are the challenges in our path and what tools are readily available for us to employ.

We shall conclude with the rationale to strive for uniform methodology and platform.

——————

The speaker has led several R&D projects in security detection and testing using machine learning.

He developed open-source hacking tools used by tens of thousands of hackers, and currently leads ING bank’s private cloud security.

Raviv Raz

Cloud Security Manager,
ING Bank

15:50

I can steal your stuff

Most people switch off when someone starts talking about cyber security. In the time it takes you to read this synopsis, two small businesses will be successfully hacked in the UK. And yet, you still probably won’t do anything about it, because where do you even begin?!

If you dare to join my audience, I will steal your information in front of your eyes – and then I will point you in the right direction to do something about it.  

Join Paul Newton of Mental Theft and become “Strong, Confident and Wary”.

Paul Newton

Mental Theft

16:00

Leg stretcher

16:10

Cyber insurance market is ever growing as the cybers threat landscape. It is predicted that the cyber insurance market is expected to grow exponentially, almost doubling in size in the next five years. Which indicates that it will be an integral part of the cybersecurity industry.

  • Insurance policies, are they adequate or it needs to be changed?
  • Do we need to reconsider systematic risk in order to unlock capacity?
  • What are the key drivers of cyber insurance?
  • What does the future of different organisations look like with cyber insurance and without insurance?

Jack Krul

CISO,
Exact

Daniela Almeida Lourenço

CISO,
Tinka

Dr Martjin Dekker

Global Chief Information Security Officer,
ABN AMRO Bank N.V.

16:50

NIS2 – To respond to the growing threats posed with digitalisation and the surge in cyber-attacks, the European Commission has introduced the NIS2 Directive in order to strengthen the security requirements, address the security of supply chains, streamline reporting obligations, and introduce more stringent supervisory measures and stricter enforcement requirements, including harmonised sanctions across the EU.
Will you be ready?

DORA – The Digital Operational Resilience Act solves an important problem in the EU financial regulation. But only from the perspective of regulators.
Is your financial institution able to satisfy all the requirements for the protection, detection, containment, recovery and repair capabilities against ICT-related incidents?
What should you do to fully implement it by 2025.?

Patric J.M. Versteeg

17:10

Annual CISO Raffle

17:30

Official Dinner Banquet

Nordics Edition

C-Level IT Security Event

BeNeLux Edition

C-Level IT Security Event

DACH Edition

C-Level IT Security Event